Content transmission device and content reception device

ABSTRACT

A content reception equipment for accessing an in-home content transmission equipment from a remote place executes a first authentication process with the content transmission equipment in advance, executes the remote access information sharing process required for access from a remote place, and causes the information on the content reception equipment and the remote access information to be registered in an equipment information table of the content transmission equipment. 
     In the case where the in-home content transmission equipment is accessed by the content reception equipment brought out of home, the content transmission equipment transmits the content to the content reception equipment only in the case where the information on the content reception equipment is registered in the device information table of the content transmission equipment and the second authentication process using the remote access information is successfully executed between the content transmission equipment and the content reception equipment.

INCORPORATION BY REFERENCE

This application is a Continuation application of U.S. Ser. No.12/746,876 filed Jun. 8, 2010, which is the U.S. National Phase ofPCT/JP2009/052504 filed Feb. 16, 2009, which claims priority fromJapanese Patent Application No. 2008-066964 filed on Mar. 17, 2008. Thesubject matter of each is incorporated herein by reference in entirety.

TECHNICAL FIELD

This invention relates to a transmission equipment, a receptionequipment and a content transmission method suitable for protection ofthe copyright of the contents of video and audio signals transmitted orreceived through a network.

BACKGROUND ART

With the progress of the processing ability including the computationspeed and the storage capacity of the personal computer (hereinafterreferred to as the PC), the capacity of the hard disk drive (hereinafterreferred to as the HDD) built in the PC has increased. In thissituation, even the PC of the rank used in an ordinary home has come topossess the ability to record a TV broadcast program using the HDD andpermit the user to view the recorded program on the display of the PC.

As the result of recent development of the digital video signalprocessing technique, on the other hand, digital AV equipments such as aTV having a built-in digital tuner for receiving the digitalbroadcasting (hereinafter referred to as the DTV) and a digital recorderfor recording/reproducing a digital broadcast program (for example, theHDD recorder, DVD recorder and the BD recorder) have been commercializedin succession.

Further, the extension of the broadband/internet has made it possible tomount a digital interface such as the wired/wireless LAN (Local AreaNetwork), IEEE1394 or USB in the digital AV equipments and transmit thedigital contents through a network.

Generally, in the case where the digitally recorded contents arerecorded by transmission from one equipment to another through anetwork, etc. as described above, the data quality is degenerated lessduring transmission and a copy (duplicate) of the same quality as thecontents in the equipment at the transmitting end can be generated atthe receiving end. For the contents with the copyright thereof to beprotected, therefore, a measure is required to prevent the illegalcreation of a copy of the contents departing from the range of personaluse.

In transmitting a content between digital AV equipments, for example, acopy protection method is employed in which the content is encrypted bythe content transmission equipment, and the information for decryptionis shared with the content reception equipment, so that even if thecontent is received correctly by an equipment other than the destinationcontent reception equipment, the decryption of the content is prevented,thereby preventing the unlimited copy creation.

An example of the copy protection method employed for the digital AVequipments is a Digital Transmission Content Protection (DTCP) methodspecifying a method of copy protection on the IEEE1394 bus. In the DTCPmethod, the contents are managed by being classified into the categoriesof “copy free”, “copy one generation” and “copy never”. The recorderrecords only the contents in the category of “copy free” or “copy onegeneration”, and the content in the category of “copy one generation”,once recorded, is handled as “copy free”. Except for the contents in thecategory of “copy free”, all the contents are transmitted on a bus afterbeing encrypted at the transmitting end to prevent the contents frombeing copied in an unlimited manner.

Also in the content transmission by wired or wireless LAN, a DTCP-IPmethod further strengthened in security is specified by extensivelyapplying DTCP to the IP network. According to the DTCP-IP method, atechnique is disclosed to define an in-home network to prevent theunlimited remote distribution of the contents with the copyright thereofto be protected such as a broadcast program recorded in home.

Patent Document 1: JP-A-2005-5821

DISCLOSURE OF THE INVENTION Problem to be Solved by the Invention

The conventional technique described above incorporates the function toconfirm that the equipments at the transmitting and receiving ends areboth located inside the same home in the case where the contentsrequiring copyright protection are transmitted through the wired orwireless LAN.

The user having an equipment such a notebook-sized PC or a portableterminal used in a mobile environment, however, has a great desire toaccess the contents in his/her home using this equipment during a tripor from inside a tram car on his/her way to the working place.

Accordingly, it is an object of this invention to provide a contenttransmission equipment, a content reception equipment and a contenttransmission method in which the legal viewing of the contentstransferred from an in-home equipment to a remote equipment can belimited to the range of personal use.

Means for Solving the Problem

In order to solve the problem described above, according to thisinvention, there is provided a content transmission equipment including:

first authentication means for mutually authenticating the contenttransmission equipment and a content reception equipment connected to anin-home network as legitimate equipments based on a first authenticationprotocol, and confirming that the content reception equipment isexisting in home;

remote access information sharing means for sharing the informationrequired for access from a remote place with the content receptionequipment;

device information management means for holding and managing theinformation on the content reception equipment successfullyauthenticated by the first authentication means and the informationshared by the remote access information sharing means;

second authentication means for mutually authenticating the contenttransmission equipment and the content reception equipment connected tothe remote network as legitimate equipments based on a secondauthentication protocol using the information rendered sharable by theremote access information sharing means; and

encryption means for encrypting the content transmitted to the contentreception equipment using first key information rendered sharable withthe content reception equipment as the result of the authenticationprocess executed by the first authentication means or second keyinformation rendered sharable as the result of the authenticationprocess executed by the second authentication means;

wherein only in the case where the authentication process issuccessfully executed with the content reception equipment using thefirst authentication means, the remote access information required foraccess from a remote place is rendered sharable by the remote accessinformation sharing means, and the information on the content receptionequipment and the remote access information are registered using thedevice information management means; and

wherein only in the case where the authentication process issuccessfully executed with the content reception equipment using thesecond authentication processing means, the content is encrypted usingthe encryption means and sent to the remote content reception equipment.

Advantages of the Invention

The normal authentication process and the equipment authenticationprocess for remote access are executed in advance with a contenttransmission equipment in home, and the equipment authentication processfor remote use is executed from a remote place only on the contentreception equipment successfully subjected to the authenticationprocesses, so that the in-home contents become viewable. As a result,the contents in home can be viewed by the legitimate user from a remoteplace without departing from the range of personal use for an improveduser convenience.

The other objects, features and advantages of the invention will be madeapparent by the following description of embodiments of the inventiontaken in conjunction with the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows an example of a system configuration.

FIG. 2 shows an example of a block configuration of a DTV.

FIG. 3 shows an example of a block configuration of a HDD recorder.

FIG. 4 shows an example of a block configuration of a PC.

FIG. 5 shows an example of a block configuration of a mobile phone.

FIG. 6 shows an example of a configuration of a device informationmanagement unit.

FIG. 7 shows an example of a configuration of equipment information.

FIG. 8 shows an example of the equipment authentication sequencenormally executed between an in-home content transmission equipment anda content reception equipment.

FIG. 9 shows an example of the equipment authentication sequence forexecuting the key exchange for remote access between an in-home contenttransmission equipment and a content reception equipment.

FIG. 10 shows an example of the configuration of a remote accessinformation table held in a device information management unit of acontent reception equipment and brought out to a remote place.

FIG. 11 shows an example of the sequence for executing the contenttransfer between an in-home content transmission equipment and a remotecontent reception equipment.

FIG. 12 shows an example of the configuration of the equipmentinformation.

FIG. 13 shows an example of the system configuration.

FIG. 14 shows an example of the sequence for executing the contenttransfer from a remote content reception equipment and an in-homecontent transmission equipment.

FIG. 15 shows an example of a content transmission equipment list screenof a mobile phone.

FIG. 16 shows an example of a content list screen of a mobile phone.

FIG. 17 shows an example of a content reproduction unit list screen of amobile phone.

FIG. 18 shows an example of the configuration of the equipmentinformation.

FIG. 19 shows an example of the sequence for content transfer from aremote content reception equipment to an in-home content transmissionequipment.

BEST MODE FOR CARRYING OUT THE INVENTION

Embodiments of the invention are explained below.

Embodiment 1

The feature of this embodiment lies in that the illegal viewing/copy isprevented without departing from the range of personal use of thecontents while at the same time making it possible to view the in-homecontents on a remote content reception equipment.

FIG. 1 shows a system configuration based on the assumption that theuser A accesses an in-home equipment from a remote place.

In the home 1 of the user A, a DTV 100, a HDD recorder 200 and a PC 300owned by the user A are connected to a network 3 by the wired LANthrough a hub 11. Also, the hub 11 is connectable to an internet 3through a router 12.

In the remote place (for example, a hotel or a company) where the user Ais located, a mobile phone 500 of the user A can communicate with awireless access point 22, and can be connected to the internet 3 througha router 21. Also, the PC 400 of the user B can be connected to theinternet 3 in a similar way. Further, a DTV 600 installed at a remoteplace is connectable to the internet 3 through the router 21.

In the LAN, the standard IP (Internet Protocol) is used as a networkprotocol, and TCP (Transmission Control Protocol) and UDP (User DatagramProtocol) are used as a high-layer transport protocol. For contenttransfer, on the other hand, a higher-layer application protocol such asRTP (Real-time Transport Protocol), HTTP (Hyper Text Transfer Protocol),FTP (File Transfer Protocol), etc. is used. Incidentally, IPv4 and IPv6are available as different IP versions to any of which the invention isnot limited.

The DTV 100, the HDD recorder 200, the PCs 300, 400, the mobile phone500 and the routers 12, 21 connected to the network each have an IPaddress for identifying themselves on LAN. Also, a 48-bit MAC (MediaAccess Control) address is assigned to the interface unit of eachnetwork communication processing circuit in advance at the time ofmanufacture. The IP address is set for each equipment by DHCP (DynamicHost Configuration Protocol) widely used in the prior art for automaticaddress setting in the network in which the routers 12, 21, for example,are operated as a DHCP server thereby to distribute the IP address toeach equipment.

Incidentally, in the case where IPv6 is used, each equipment candetermine the IP address thereof from the high-order 64 bits of the IPaddress of the routers 12, 21 and the MAC address thereof by what iscalled a stateless automatic setting method.

Although the equipments in the home 1 of the user are interconnected bywired LAN in FIG. 1, the LAN, IEEE1394, USB or Bluetooth through thewireless access point may alternatively be used. Also, the hub 11 andthe router 12 may be integrated with each other, and so may the wirelessaccess point 22 and the router 21.

Also, the routers 12, 21 are connected to the internet through a modemor a photoelectric converter, not shown, or by a modem or aphotoelectric converter built in the router. The routers 12, 21 may beconnected to the internet in any types of methods including a high-speedaccess line such as ADSL (Asymmetric Digital Subscriber Line) or opticalfiber, ISDN (Integrated Services Digital Network), an analog telephoneline or a mobile communication network for mobile phones. The network atthe remote place 2 is also configured similarly.

Further, each equipment in the user home 1 can be accessed through theinternet 3 from the remote place 2 using a technique such as the portforward function of the router or VPN (Virtual Private Network).

Next, an example of the configuration of the DTV 100 is explained withreference to FIG. 2. Incidentally, the DTV 600 is similarly configured.

The DTV 100 is configured of a tuner 101, a descrambler 102, ademultiplexer 103, a decoder 104, a display/speaker 105, a digitalterminal 106, an input processing unit 107, an authentication processingunit 108, a device information management unit 109, anencryption/decryption processing unit 110, a communication processingunit 111, a digital input/output terminal 112 and a control unit 113.

The tuner 101 is a part to select the desired one of a plurality ofchannels received from a broadcast station through an antenna 10 anddemodulate the program digitally modulated.

The descrambler 102 is a part to descramble the program scrambled tomake it possible to receive only the channel under contract with aservice provider.

The demultiplexer 103 is a part to extract the audio and video data froma broadcast program.

The decoder 104 is a part to decode the compressed audio and video datain a broadcast program or received from the digital input/outputterminal 112 and decompress the data into the original audio and videosignals.

The display/speaker 105 is a part to reproduce the output signal fromthe decoder 104 or the signal input from the digital terminal 106. Thedisplay/speaker 105 may not be built in but may be remotely attached.

The digital terminal 106 is a part to input the digital data notcompressed, and constituted of, for example, a HDMI (High-DefinitionMultimedia Interface).

The input processing unit 107 is a part for the user to operate the DTV100 using a remote controller or a touch panel.

The equipment authentication processing unit 108 is a part which inorder to transfer the copyright-protected content through LAN, mutuallyauthenticates a particular AV equipment and other AV equipments toconfirm the legitimacy thereof based on a specified authenticationprotocol, and shares the key used for content encryption and decryption.The specified authentication protocol is, for example, the DTCP methoddescribed above.

The device information management unit 109 is a part to manage theinformation on the AV equipments successfully authenticated by theequipment authentication processing unit 108.

The encryption/decryption processing unit 110 is a part in which thebroadcast program or the contents received through the digitalinput/output terminal 112 by LAN are encrypted or decrypted using thekey shared by the equipment authentication processing unit 108.

The communication processing unit 111 is a part to transmit or receivethe contents and the control command to or from other AV equipmentsconnected by LAN through the digital input/output terminal 112. Thecontents are transmitted together with an identification code such as“copy free”, “copy one generation”, “copy never” or “no more copies”indicating the manner in which the transmitted contents are to behandled.

The digital input/output terminal 112 is a part to input or output thecontents and the control command through LAN.

The control unit 113 is a part for centrally controlling the operationof each part of the DTV 100.

Next, an example of the configuration of the HDD recorder 200 isexplained with reference to FIG. 3.

The HDD recorder 200 is configured of an input processing unit 201, anauthentication processing unit 202, a device information management unit203, a recording/reproduction processing unit 204, a HDD 205, anencryption/decryption processing unit 206, a communication processingunit 207, a digital input/output terminal 208, a decoder 209, a digitalterminal 210 and a control unit 211.

The recording/reproduction processing unit 204 is a part for therecording control to record the contents in the HDD 205 and thereproduction control to reproduce the contents recorded in the HDD 205.

The HDD 205 is a built-in memory for recording a broadcast program. Thismay be replaced by other units such as a removable HDD or optical disk,a memory card or a hybrid memory combining any of them.

The digital terminal 210 is a part in which the non-compressed digitaldata output from the decoder 209 is output to a remote display orspeaker.

The other parts are similar to the corresponding parts of the DTV 100.

Next, an example of the configuration of the PC 300 is explained withreference to FIG. 4.

The PC 300 is configured of a tuner 301, a descrambler 302, ademultiplexer 303, a decoder 304, a display/speaker 305, a digitalterminal 306, an input processing unit 307, an authentication processingunit 308, a device information management unit 309, arecording/reproduction processing unit 310, a HDD 311, anencryption/decryption processing unit 312, a communication processingunit 313, a digital input/output terminal 314, a wirelessencryption/decryption processing unit 315, a wireless communicationprocessing unit 316 and a control unit 317.

The wireless encryption/decryption processing unit 315 is a part inwhich the contents received by wireless LAN through the wirelesscommunication processing unit 316 or the contents output from theencryption/decryption processing unit 312 are encrypted/decrypted usinga well-known standard encryption method such as WEP (Wired EquivalentPrivacy) used as a standard for security protection in wireless LAN. Inplace of the wireless LAN, the wireless communication system for themobile phone such as 3G or W-CDMA (Wideband Code Division MultipleAccess) may be employed.

The wireless communication processing unit 316 is a part totransmit/receive the contents and the control command to and from awireless access point 22 or other AV equipments connected by wirelessLAN.

The other parts are similar to the corresponding parts, respectively, ofthe DTV 100 and the HDD recorder 200. Also, the PC 400 may have asimilar configuration.

Next, an example of the configuration of the mobile phone 500 isexplained with reference to FIG. 5.

The mobile phone 500 is configured of a tuner 501, a descrambler 502, ademultiplexer 503, a decoder 504, a display/speaker 505, a digitalterminal 506, a camera imaging unit 507, a communication processing unit508, an input processing unit 509, an authentication processing unit510, a device information management unit 511, a recording/reproductionprocessing unit 512, a record memory 513, an encryption/decryptionprocessing unit 514, a wireless encryption/decryption processing unit515, a wireless communication processing unit 516 and a control unit517.

The camera imaging unit 507 is a part of a camera to pick up an image.

The record memory 507 is a nonvolatile memory to store the dynamic orstill image picked up by the camera imaging unit 507, the programreceived through the tuner 501 and the information such as the personalinformation and the address book. The record memory 507 may be eitherbuilt in or replaceable.

The other parts are similar to the corresponding parts, respectively, ofthe DTV 100, the HDD recorder 200 and the PC 300.

Next, an example of the configuration of the device informationmanagement unit 109 (similar to 203, 309, 511) in each of the equipmentsdescribed above is explained with reference to FIG. 6.

The device information management unit 109 is configured of a timer1081, a device information updating unit 1082 and an device informationstorage unit 1083.

The timer 1081 is a part used to count time in the case where theequipment authentication processing unit 108 (similar to the units 202,308, 510) confirms whether any equipment to be authenticated exists inhome or in the case where the term of validity of the registrationinformation stored in the device information storage unit 1083 describedlater is managed.

The device information updating unit 1082 is a part to manage the termof validity of the registration information held in the deviceinformation storage unit 1083 described later and to register, update ordelete the information as required.

The device information storage unit 1083 is a part to hold theinformation on the equipments to be authenticated, in the case where theequipments are successfully authenticated by the equipmentauthentication processing unit 108.

Next, an example of the configuration of the equipment information 70stored in the device information storage unit 1083 is explained withreference to FIG. 7.

The equipment information 70 is configured of a management table 700 andan equipment information table 710.

The management table 700 is configured of a maximum authenticationnumber 701, a maximum counter value 702 and a maximum remote accessnumber 703.

The maximum authentication number 701 is the maximum number of times theequipment can be authenticated between the content transmissionequipment and the content reception equipment using the equipmentauthentication processing unit 108.

The maximum counter value 702 is the maximum value on the counter whichis set in the timer 1081.

The maximum remote access number 703 is the maximum number of times aremote content access request is permitted.

The device information table 710, on the other hand, is configured of anID 711, a device ID 712, address information 713, a counter value 714, aremote access key 715, a remote access key label 715A and an accesssituation 716.

The ID 711 indicates the registration number of the table.

The device ID 712 is an identifier for identifying each equipmentuniquely. The device ID 712 is the information unique to each equipmentsuch as a unique ID used for IEEE1394, a device ID used for DTCP whichis generated by a specified certificate authority and held in anonvolatile memory in advance at the time of manufacture of eachequipment. The device ID 712 has a value unique to each equipment andmay contain other information such as a public key.

The address information 713 indicates an IP address or a MAC address ofeach equipment on the network.

The counter value 714 is the present value on the counter which is setin the timer 1081.

The remote access key 715 is the key information used in theauthentication and encryption/decryption process at the time of contenttransfer between the in-home content transmission equipment and theremote content reception equipment.

The remote access key label 716 is an identifier used to identify theremote access key 715.

The access situation 716 indicates the transfer situation (for example,“off”, “in home” or “remote”) between the content transmission equipmentand the content reception equipment.

An equipment authentication processing procedure 800 executed betweenthe HDD recorder (content transmission equipment) 200 and the DTV(content reception equipment) 100 in the system configuration of FIG. 1using each equipment and each information described above is explainedwith reference to FIG. 8. The protocol TCP is used for transmission andreception of the information for the equipment authentication process.Upon transmission of various information such as an authenticationrequest to an equipment at the other end or an authentication responseto the request, the acknowledgment of reception of the request isreturned from the unit at the other end, so that a communication pathwhich can detect a transmission error is secured. Incidentally, the datatransmission/reception for establishment or abandonment of TCPconnection is not shown in FIG. 8.

First, an authentication request is generated by the content receptionequipment 100. The equipment authentication processing unit 108 of thecontent reception equipment 100 sends the authentication request,through the communication processing unit 111 to the contenttransmission equipment 200, together with the information unique to theequipment including the aforementioned device ID and a certificate ofthe information (S801).

The equipment authentication processing unit 202 of the contenttransmission equipment 200 receives the authentication request throughthe communication processing unit 207 and sends the acknowledgment tothe content reception equipment 100 (S802). Then, the equipmentauthentication processing unit 202 of the content transmission equipment200 generates an authentication request by itself, and like in the caseof the content reception equipment 100, sends the authentication requestto the content reception equipment 100 together with the informationunique to the content transmission equipment 200 and a certificatethereof (S803).

The equipment authentication processing unit 108 of the contentreception equipment 100 receives the authentication request and sendsthe acknowledgment to the content transmission equipment 100 (S804).

Next, the equipment authentication processing unit 202 of the contenttransmission equipment 200 verifies each information received in theauthentication request, and sends an authentication response to thecontent reception equipment 100 together with the parameter required forgeneration of the key information (S805).

The equipment authentication processing unit 108 of the contentreception equipment 100, after receiving the authentication response andsending the acknowledgment to the content reception equipment 200(S806), generates an authentication response by itself and like in thecase of the content transmission equipment 200, sends it to the contenttransmission equipment 200 together with the parameter required forgeneration of the key information (S807) thereby to generate anauthentication key shared with the content transmission equipment 200using the required parameter.

The equipment authentication processing unit 202 of the contenttransmission equipment 200, after receiving the authentication responseand sending the acknowledgment to the content reception equipment 100(S808), like the content transmission equipment 100, generates theauthentication key shared with the content reception equipment 100 usingthe required parameter.

Through the steps described above, the equipment authenticationprocessing unit 108 of the content transmission equipment 200 and theequipment authentication processing unit 202 of the content receptionequipment 100 generate and share a common authentication key.

In order to confirm whether the content reception equipment 100 isexisting in home or not, the content transmission equipment 200 notifiesthe content reception equipment 100 that the preparation is made forin-home confirmation.

The equipment authentication processing unit 108 of the contentreception equipment 100, after receiving the notification for in-homeconfirmation preparation and sending the acknowledgment to the contenttransmission equipment 200 (S810), generates an in-home confirmationpreparation notice by itself and sends it to the content transmissionequipment 200 (S811).

The equipment authentication processing unit 202 of the contenttransmission equipment 200, after receiving the in-home confirmationpreparation notice and sending the acknowledgment to the contentreception equipment 100 (S812), sends an in-home confirmation settingrequest to the content reception equipment 100 together with theinformation required for the in-home confirmation (S813).

The equipment authentication processing unit 108 of the contentreception equipment 100, after receiving the in-home confirmationsetting request and making the preparation required for the in-homeconfirmation, sends the acknowledgment to the content transmissionequipment 200 (S814).

The equipment authentication processing unit 202 of the contenttransmission equipment 200 that has received the acknowledgment, afterstarting the timer 1081 in the device information management unit 203,sends an in-home confirmation execution request to the content receptionequipment 100 to confirm whether the content reception equipment 100exists in home or not (S815).

The equipment authentication processing unit 108 of the contentreception equipment 100 receives the in-home confirmation executionrequest and sends the acknowledgment to the content transmissionequipment 200 (S816).

The equipment authentication processing unit 202 of the contenttransmission equipment 200, upon reception of the acknowledgment, stopsthe timer 1081 and confirms that the measurement time (T1) beforereception of the acknowledgment from the issue of the in-homeconfirmation execution request is not longer than a predetermined value(T). In the case where the measurement value (T1) is not longer than thepredetermined value (T), the equipment authentication processing unit202 judges that the content reception equipment 100 exists in home andis expected to be used within the range of personal use and sends thecorresponding in-home confirmation result to the content receptionequipment 100 (S817). In the case where the measurement value (T1) islonger than the predetermined value (T), on the other hand, theequipment authentication processing unit 202 judges that the contentreception equipment 100 may exist at a remote place, and by suspendingthe process, terminates the equipment authentication process.

The equipment authentication processing unit 108 of the contentreception equipment 100 that has received the in-home configurationresult sends the acknowledgment to the content transmission equipment200 (S818). Then, the equipment authentication processing unit 202 ofthe content transmission equipment 200 generates an exchange key usedfor content encryption, and by encrypting the exchange key using theauthentication key, sends it to the content reception equipment 100together with the ID for identifying the exchange key.

The equipment authentication processing unit 108 of the contentreception equipment 100 decrypts the exchange key sent from the contenttransmission equipment 200 using the authentication key, and sends theacknowledgment (S820).

The equipment authentication processing unit 202 of the contenttransmission equipment 200, upon reception of the acknowledgment,registers the information on the content reception equipment 100 in thedevice information table 710 in the device information management unit203 (S821). As indicated by the record 721 of the ID 711 in the deviceinformation table 710, for example, the device ID of the contentreception equipment 100 that has been received in step S801 is set inthe device ID 712, the MAC address of the content reception equipment100 on the network in the address information 713, the maximum countervalue 702 of the management table 700 in the counter value 714, and“off” in the access situation 716.

In this way, the equipment authentication processing unit 202 of thecontent transmission equipment 200 and the equipment authenticationprocessing unit 108 of the content reception equipment 100 share acommon exchange key. This exchange key is used for generating a commonkey to encrypt/decrypt the contents. For generation of theauthentication key, the exchange key and the common key described above,the well-known key generation/key exchange algorithm can be used. Also,the processes of steps S809 and S813 may be combined, and so theprocesses of steps S817 and S819.

The foregoing explanation concerns the equipment authentication processexecuted between the content transmission equipment and the contentreception equipment in the content transfer in home.

Next, the equipment authentication processing steps for remote accesswhich are executed between the HDD recorder (content transmissionequipment) 200 and the mobile phone (content reception equipment) 500 inthe system configuration shown in FIG. 1 are explained with reference toFIG. 9.

First, the content transmission equipment 200 and the content receptionequipment 500 execute the equipment authentication process 800 explainedabove with reference to FIG. 8.

After that, the equipment authentication processing unit 510 of thecontent reception equipment 500 generates a remote access authenticationrequest and sends it to the content transmission equipment 200 (S901).This remote access authentication request may contain the random numbercreated using a predetermined arithmetic algorithm or the informationunique to the equipment.

The equipment authentication processing unit 202 of the contenttransmission equipment 200 receives the remote access authenticationrequest and sends the acknowledgment to the content reception equipment500 (S902). Then, as in the case of the content reception equipment 500,the equipment authentication processing unit 202 generates a remoteaccess authentication request by itself, and sends it to the contentreception equipment 500 (S903)

The equipment authentication processing unit 510 of the contentreception equipment 500 receives the remote access authenticationrequest and sends the acknowledgment to the content transmissionequipment 200 (S904).

Next, the equipment authentication processing unit 202 of the contenttransmission equipment 200 verifies each information received in theremote access authentication request and sends a remote accessauthentication response to the content reception equipment 500 togetherwith the parameters required for generation of the key information(S905).

The equipment authentication processing unit 510 of the contentreception equipment 500, after receiving the remote accessauthentication response and sending the acknowledgment to the contenttransmission equipment 200 (S906), generates a remote accessauthentication response by itself, and like in the case of the contenttransmission equipment, sends the remote access authentication responseto the content transmission equipment 200 together with the parametersrequired for generation of the key information (S907), therebygenerating an authentication key shared with the content transmissionequipment 200 using the required parameters.

The equipment authentication processing unit 202 of the contenttransmission equipment 200, which receives the remote accessauthentication response and sends the acknowledgment to the contentreception equipment 500, generates, like in the content receptionequipment 500, the authentication key shared with the content receptionequipment 500 using the required parameters (S908). The equipmentauthentication processing unit 202 of the content transmission equipment200 generates the remote access key dedicated to the content receptionequipment 500 for use in the content encryption and the equipmentauthentication process at the time of using the remote contents, and byencrypting the remote access key using the authentication key generatedin step S908, sends it to the content reception equipment 500 (S909).

The equipment authentication processing unit 510 of the contentreception equipment 500, upon reception of the remote access key, sendsthe acknowledgment to the content transmission equipment 200 (S910) anddecrypts the remote access key using the authentication key.

The equipment authentication processing unit 202 of the contenttransmission equipment 200, upon reception of the acknowledgment, addsthe information on the content reception equipment 500 to equipmentinformation table 710 in the device information management unit 203(S911). As indicated by the record 722 of the ID 711 in the deviceinformation table 710, for example, the ID 711, the device ID 712, theaddress information 713, the counter value 714 and the access situation716 are set as described above. Further, the remote access key sent tothe content reception equipment 500 is additionally set in the remoteaccess key 715.

The equipment authentication processing unit 510 of the contentreception equipment 500, on the other hand, generates or updates theremote access information table 1000 stored in the device informationmanagement unit 511 (S912).

Now, an example of the configuration of the remote access informationtable 1000 is explained with reference to FIG. 10.

The remote access information table 1000 held in the device informationmanagement unit 511 is configured of address information 1001,registration information 1002 and a remote access common key 1003.

The address information such as the MAC address, the IP address or theport number required for the content reception equipment 500 to accessthe content transmission equipment 200 or the router 12 from a remoteplace are registered as the address information 1001.

The user name or the password required for the content receptionequipment 500 to log in to the content transmission equipment 200 or therouter 12 from a remote place are registered as the registrationinformation 1002.

The remote access key received in step S910 is set as the remote accesscommon key 1003.

As described above, in order to use the contents stored in the contenttransmission equipment 200 from a remote place in response to therequest from the content reception equipment 500 after execution of thenormal authentication, the content transmission equipment 200 and thecontent reception equipment 500 come to share a common key for remoteaccess. The remote access key generated by the content transmissionequipment 200 is a common key used only for the content receptionequipment 500 and cannot be used for other content reception equipments.Also, the remote access key is used for the equipment authenticationprocess executed at the time of receiving a content distribution requestfrom a remote place and/or the generation of a common key for contentencryption. A well-known key generation/key exchange algorithm can beused for generation of the authentication key, the exchange key or theremote access key.

A method is also available in which by omitting the process of stepsS903 to S908, the remote access key is encrypted using theauthentication key shared by the normal authentication process 800 andsent to the content reception equipment 500 in step 909. As anotheralternative, the content transmission equipment 200 is allowed to havethe time of accepting the remote access authentication request after thenormal authentication process 800 so that the content receptionequipment 500 is required to issue the remote access authenticationrequest within a predetermined time. As still another alternative, theprocess of steps S901 and S902 may be executed immediately before stepS819 in the normal authentication process 800, in which case steps S909and S910 may be executed after step S820 or steps S819 and S909 may becombined into a single step.

Next, with reference to FIG. 11, an explanation is given about theprocedure in which the user A takes out the mobile phone 500 fromhis/her home and by using the mobile phone (content reception equipment)500 at a remote place B, views the content recorded in the HDD 205 ofthe HDD recorder (content transmission equipment) 200.

First, the user A issues a content viewing command using the inputprocessing unit 509 of the mobile phone 500. Then, the control unit 517of the mobile phone 500 displays a content transmission equipment listscreen (FIG. 15) on the display/speaker 505. A record memory 513, thecontent transmission equipment (DTV 600) detected to be currentlyexistent on the network and the content transmission equipment 200registered in the remote access information table 1000 managed by thedevice information management unit 511 are displayed on the contenttransmission equipment list screen 1500 (S1101).

In a method available to detect the content transmission equipmentexisting on the network, for example, a UDP packet containing “a requestto detect an equipment having the content transmission function” ismulticast to all the equipments on the network and only an equipmenthaving such a function responds thereby to recognize the contenttransmission equipment. This method can use the conventional techniquesuch as SSDP (Simple Service Discovery Protocol) or DLNA (Digital LivingNetwork Alliance).

Next, the user A selects the content transmission equipment 200 on thecontent transmission equipment list screen 1500. Then, the control unit517 of the content reception equipment 500, by accessing the addressinformation of the content reception equipment 500 registered in theremote access information table 1000, sends a content informationacquisition request to the content transmission equipment 200 in thehome 1 of the user A through the internet 3 including a wireless accesspoint 22 and a router 21 from a wireless communication processing unit516 (S1102).

The control unit 211 of the content transmission equipment 200 sends theacknowledgment to the content reception equipment 500 through thecommunication control unit 207 (S1103), so that the information on apart or the whole of the contents (for example, the title, date, copycontrol information and the recording time) stored in the HDD 205 aresent to the content reception equipment 500 (S1104).

The control unit 517 of the content reception equipment 500 sends theacknowledgment to the content transmission equipment 200 (S1105), andthe content information thus received are displayed on thedisplay/speaker 505 as a content list screen (FIG. 16). The contentdesired to view on the content list screen 1600 is designated by theuser A through the input processing unit 509 (S1106). Then, theequipment authentication processing unit 510 of the content receptionequipment 500 generates a remote authentication request. The remoteauthentication request is sent to the content transmission equipment 200together with the information unique to the equipment including thedevice ID, the remote access key or the calculation value generatedusing the key and a certificate (S1107).

The equipment authentication processing unit 202 of the contenttransmission equipment 200 which has received the remote authenticationrequest confirms that the device ID of the content reception equipment500 is registered in the device information table 710 managed in thedevice information management unit 203, and sends the acknowledgment tothe content reception equipment 500 (S1108). In the case where thedevice ID of the content reception equipment 500 is not registered inthe device information table 710, the content transmission equipment 100suspends the process.

Next, the equipment authentication processing unit 202 of the contenttransmission equipment 200 generates a remote authentication request byitself, and as in the case of the content reception equipment, sends itto the content reception equipment 500 together with the informationunique to the content transmission equipment 200, the remote access keyor the calculation value generated using the particular key and acertificate (S1109).

The equipment authentication processing unit 510 of the contentreception equipment 500 receives the remote authentication request andsends the acknowledgment to the content transmission equipment 200(S1110).

Next, the equipment authentication processing unit 202 of the contenttransmission equipment 200 verifies each information received in theremote authentication request, and sends a remote authenticationresponse to the content reception equipment 500 together with remoteaccess key or the calculation value generated using the key and theparameter required for generation of the key information (S1111).

The equipment authentication processing unit 510 of the contentreception equipment 500, after receiving the remote authenticationresponse and sending the acknowledgment to the content transmissionequipment 200 (S1112), generates a remote authentication response byitself and, as in the case of the content transmission equipment 200,sends the remote authentication response to the content transmissionequipment 200 together with the parameter required for generation of thekey information (S1113) thereby to generate the remote authenticationkey shared with the content transmission equipment 200 using therequired parameter.

The equipment authentication processing unit 202 of the contenttransmission equipment 200, after receiving the remote authenticationresponse and sending the acknowledgment to the content receptionequipment 500, generates, as in the case of the content receptionequipment 500, an authentication key shared with the content receptionequipment 5200 using the required parameter (S1114). After confirmingthat the counter value 714 of the content reception equipment 500 in thedevice information table 710 has not reached zero (S1115), the equipmentauthentication processing unit 202 generates the remote exchange keyused for content encryption. The remote exchange key is encrypted usingthe remote authentication key, and together with the ID for identifyingthe remote exchange key, sent to the content reception equipment 500(S1116).

In the equipment authentication processing unit 510 of the contentreception equipment 500, the remote exchange key transmitted from thecontent transmission equipment 200 is decrypted using the remoteauthentication key, and the acknowledgment sent (S1117).

The equipment authentication processing unit 202 of the contenttransmission equipment 200, upon reception of the acknowledgment,updates the information on the content reception equipment 500 in thedevice information table 710 in the device information management unit203 (S1118). Specifically, the access situation 716 is updated from“off” to “remote”.

After that, the control unit 517 of the content reception equipment 500sends the request to view the desired content to the contenttransmission equipment 200 (S1119). In the process, the viewing requestmay be accompanied by the ID for identifying the remote exchange keyreceived in step S1116.

The control unit 211 of the content transmission equipment 200 sends theacknowledgment for reception of the content viewing request (S1120), theequipment authentication processing unit 202 checks to see whether theID of the remote exchange key is correct or not, and the deviceinformation updating unit 1082 starts by setting the timer 1081 in thedevice information management unit 203 to receive the noticeperiodically (for example, at intervals of one or ten minutes). Also,the equipment authentication processing unit 202 generates a common keyfor content encryption using the remote exchange key and sets the commonkey in the encryption/decryption processing unit 206.

The desired content read from the HDD 205 is encrypted by theencryption/decryption processing unit 206 while at the same time beingsent to the content reception equipment 500 (S1121). Each time thenotice is received from the timer 1081 during the content transmission,the device information updating unit 1082 updates the counter value 714(decrements the counter value, for example) in the device informationtable 710.

The equipment authentication processing unit 510 of the contentreception equipment 500 generates a common key for decrypting thecontent using the remote exchange key and sets the common key in theencryption/decryption processing unit 514. The content received throughthe wireless communication processing unit 516 and the wirelessencryption/decryption processing unit 515 is decrypted by theencryption/decryption processing unit 514 and while being decoded by thedecoder 504, output to the display/speaker 505.

As described above, the equipment authentication process 900 for remoteaccess is executed in home beforehand between the content transmissionequipment and the content reception equipment. Only in the case wherethe content reception equipment successfully authenticated is broughtout of home and the remote authentication process of steps S1107 toS1117 is successfully executed, then the content can be transferred fromthe in-home content transmission equipment to the remote contentreception equipment.

After the content transfer, the content transmission equipment may stopthe timer 1081 and discard the remote exchange key so that the contentmay not be transmitted as long as the remote authentication process isnot executed again even if another content viewing request continues tobe issued by the content reception equipment.

Also, the number of the content reception equipments accessiblesimultaneously from a remote place can be limited by the contenttransmission equipment using the maximum remote access number 703 in themanagement table 700.

Although the content transmission equipment 200 receives the “viewingrequest” in step S1119 as described above, other requests such as a“copy request” or a “move request”, if received, may be rejected toavoid the illegal use of the contents as far as possible.

The protocol used to transmit the contents from the content transmissionequipment 200 to the content reception unit 500 is not limited to aspecified one, but may be any of RTP, HTTP, FTP, etc. The contents canbe transmitted by containing, in the payload of each transfer protocol,the content encrypted by a predetermined algorithm using a common key.The well-known encryption technique AES (Advanced Encryption Standard),for example, can be used as the encryption algorithm.

Also, the counter value 714 in the device information table 710 to beupdated periodically by the content transmission equipment, thoughusable as the same value for the in-home and remote contenttransmission, may alternatively be used as different counter values inhome and remotely as shown in FIG. 12. In such a case, a differentmaximum value can be set as each counter value (i.e. the maximum in-homecounter value 702 and the maximum remote counter value 704 in themanagement table 700).

As understood from the foregoing description, in the content receptionequipment accessing an in-home equipment from a remote place, the normalauthentication process and the authentication process for remote accessare executed in home beforehand with the content transmission equipmentthereby to share the remote access key, while at the same timeregistering the information on the content reception equipment in thedevice information table of the content transmission equipment. As aresult, the content reception equipment can be regarded as a personalproperty after all, and even if brought out of home, the content thereofcan be viewed safely without departing from the range of personalcontent use.

Embodiment 2

The feature of this embodiment lies in preventing the illegal viewingand copy while at the same time making it possible to view the in-homecontents on an unspecified content reception equipment at a remote placewithout departing from the range of personal content use.

FIG. 13 shows an example of the system configuration in an assumed casewhere the user A brings out the mobile phone 500 to a remote place andviews the content of the in-home HDD recorder 200 on a large-screen DTV600 installed at the same remote place as where the mobile phone 500 islocated. The DTV 600 has the same configuration as the DTV 100.

The steps in which the user A views the contents of the in-home HDDrecorder 200 on the DTV 600 at the remote place are explained below withreference to FIG. 14.

As explained in the first embodiment above, the user A executes theremote access equipment authentication 900 in home beforehand betweenthe HDD recorder (content transmission equipment) 200 and the mobilephone 500 to share the remote access key between them.

The user A, who has brought out the mobile phone 500 to a remote place(a hotel, for example) and intends to view the in-home contents on theDTV 600 at the same remote place, first executes the remoteauthentication process by acquiring the content information between thecontent transmission equipment 200 and the mobile phone 500 according tothe same process as steps S1101 to S1118 shown in FIG. 11.

After the remote authentication process is successfully executed and theremote exchange key and the exchange key ID come to be shared by thecontent transmission equipment 200 and the mobile phone 500, the controlunit 517 of the mobile phone (controller) 500 multicasts a UDP packetcontaining a “request to detect an equipment having the reproductionfunction” to all the equipments on the network, for example, and onlythe equipment that has the same function responds. By detecting whetherother content reproduction unit exists on the network using a well-knowntechnique such as DLNA, the content reproduction unit list screen (FIG.17) is displayed on the display/speaker 505 in the presence of suchcontent reproduction unit.

Once the user A selects a content reproduction unit (the DTV 600 in thecase under consideration) on the list screen 1700 through the inputprocessing unit 509, the control unit 517 sends a content viewing issuerequest to the DTV 600 (S1401). The content viewing issue requestcontains the information on the content to be viewed and the addressinformation 1001 of the content transmission equipment 200 registered inthe remote access information table 1000, and in some case, may beaccompanied by the registration information 1002.

The DTV (content reception equipment) 600 that has received the contentviewing issue request sends the acknowledgment to the controller 500(S1402) and executes the normal authentication process 800 with thecontroller 500. In the process, the equipment authentication processingunit 510 of the controller 500 uses the remote exchange key shared withthe content transmission equipment 200 in step S1116 and the ID thereofas a remote exchange key and an ID thereof, respectively, to be sent tothe DTV 600 in step S819. As a result, the same exchange key and the IDthereof have successfully come to be shared among the contenttransmission equipment 200, the controller 500 and the content receptionequipment 600.

After that, the DTV 600 sends a content viewing request to the contenttransmission equipment 200 (S1403). The content viewing request isaccompanied by the ID of the remote exchange key. Also, in order topermit the content transmission equipment 200 to change the format orthe image quality as required for content transmission, the contentviewing request may contain the information on the data format (such asMPEG2-TS or H.264) and the image quality (such as HD, SD, 760p or 1080i)reproducible on the DTV 600. Such information, however, may be containedin another request issued than the content viewing request.

The control unit 211 of the content transmission equipment 200, uponreception of the content viewing request, sends the acknowledgment tothe DTV 600 (S1404). The equipment authentication processing unit 202checks that the ID of the remote exchange key is legitimate, and thedevice information updating unit 1082 starts by setting the timer 1081in the device information management unit 203 in such a manner as toreceive the notice periodically.

Also, the equipment authentication processing unit 202 generates acommon key for content encryption using the remote exchange key and setsthe common key in the encryption/decryption processing unit 206. Thedesired content read from the HDD 205 is encrypted by theencryption/decryption processing unit 206 while at the same time beingsent to the DTV 600 (S1405). In the process, each time the notice isreceived from the timer 1081 during the content transmission, the deviceinformation updating unit 1082 updates the counter value 714 in thedevice information table 710.

The DTV 600 generates a common key for content decryption using theremote exchange key and sets the common key in the encryption/decryptionprocessing unit 110. The contents received through the router 21 and thecommunication processing unit 111 are decrypted by theencryption/decryption processing unit 110 and output to thedisplay/speaker 105 while being decoded by the decoder 104.

As described above, only in the case where the remote exchange key canbe shared between the content transmission equipment and the controllerbrought out after being arranged in home beforehand to share the remoteaccess key with the content transmission equipment, the controller candeliver the remote exchange key to the remote content receptionequipment successfully authenticated in normal fashion.

As a result, the in-home contents can be safely viewed on the remotereception equipment without departing from the range of personal contentuse.

Embodiment 3

In the second embodiment described above, the remote exchange keyrequired for content encryption is sent by the content transmissionequipment 200 only to the controller 500. Therefore, the key exchange(normal authentication process 800) between the controller 500 and thecontent reception equipment 600 is not involved.

The feature of the third embodiment is that the controller 500 notifiesthe content transmission equipment 200 that the remote exchange key hasbeen delivered to the content reception equipment 600.

With reference to FIGS. 18 and 19, the viewing process representing thefeature of this embodiment is explained.

First, as shown in FIG. 18, the device information table 710 of thecontent transmission equipment 200 is provided with a substitute deviceID 718 for setting the device ID of another equipment which receives thecontents on behalf of the equipment indicated by the device ID 712 atthe time of remote use. Further, a substitute address information (MACaddress, IP address, etc.) and a substitute counter value may be added.

Next, the process in which the user A views the contents of the in-homeHDD recorder 200 on the DTV 600 at a remote place 2 is explained withreference to FIG. 19.

The process up to steps S1101 to S118 between the content transmissionequipment 200 and the controller 500 is similar to the process shown inFIG. 14. Also, the process up to steps S1401 and S1402 between thecontroller 500 and the content reception equipment 600 and the processup to the equipment authentication process 800 are also similar to thecorresponding processes shown in FIG. 14.

After that, the controller 500 issues, to the content transmissionequipment 200, a remote equipment setting request to receive thecontents using an authenticated remote equipment (the content receptionequipment 600 in this case) in place of the controller 500 (S1900). Thesetting request contains the information on the content receptionequipment 600 such as the device ID and the MAC address.

The content transmission equipment 200 that has received the remoteequipment setting request sets the device ID of the content receptionequipment 600 contained in the request, in the substitute device ID 718of the device information table 710 (S1901), and issues theacknowledgment to the controller 500 (S1902).

After that, the content reception equipment 600 issues a content viewingrequest to the content transmission equipment 200 (S1403). In theprocess, the viewing request contains the device ID of the contentreception equipment 600 or the address information (such as the MACaddress or the IP address).

The content transmission equipment 200 that has received the contentviewing request, after confirming that the request is issued from thesubstitute device ID 718, issues the acknowledgment to the contentreception equipment 600 and transfers the encrypted content using theremote exchange key.

In the case where a content viewing request is received from thecontroller 500 of the device ID 712 during the content transmission tothe content reception equipment 600 of the substitute device ID 718,then the content transmission to the content reception equipment 600 issuspended or the content viewing request is rejected. In the process,the content may be sent to only one equipment.

As described above, the in-home contents can be viewed safely on theremote content reception equipment without departing from the range ofpersonal content use.

Although embodiments are described above, this invention is not limitedto these embodiments, and it is apparent to those skilled in the artthat the invention can be variously modified or altered withoutdeparting from the spirit and the scope of the appended claim of theinvention.

1. A content transmission equipment comprising: first authenticationmeans for executing a first authentication process based on a firstauthentication method and sharing first key information with a contentreception equipment connected to an in-home network; remote accessinformation sharing means for sharing second key information requiredfor communication from a remote place with said content receptionequipment connected to the in-home network; device informationmanagement means for managing the information on said content receptionequipment authenticated by said first authentication means and saidsecond key information shared by said remote access information sharingmeans; second authentication means for executing a second authenticationprocess using said second key information shared by the remote accessinformation sharing means with said content reception equipmentconnected to the remote network; encryption means for executing theencryption process on the content transmitted to the in-home contentreception equipment using said first key information or on the contenttransmitted to the remote content reception equipment using said secondkey information; and timer means for counting the time; wherein saidsecond key information is shared only with said content receptionequipment successfully subjected to said first authentication process bysaid first authentication means; and the contents are not sent to theremote content reception equipments other than said content receptionequipment registered in said device information management means andsuccessfully subjected to said second authentication process by saidsecond authentication process.